aboutsummaryrefslogtreecommitdiff
path: root/nixos/machine
diff options
context:
space:
mode:
Diffstat (limited to 'nixos/machine')
-rw-r--r--nixos/machine/adm-mpd.nix23
-rw-r--r--nixos/machine/adm-omnia.nix10
-rw-r--r--nixos/machine/adm-omnia2.nix10
-rw-r--r--nixos/machine/albert.nix31
-rw-r--r--nixos/machine/binky.nix60
-rw-r--r--nixos/machine/default.nix17
-rw-r--r--nixos/machine/errol.nix35
-rw-r--r--nixos/machine/lipwig.nix58
-rw-r--r--nixos/machine/ridcully.nix31
-rw-r--r--nixos/machine/spt-mox.nix31
-rw-r--r--nixos/machine/spt-mox2.nix78
-rw-r--r--nixos/machine/spt-mpd.nix23
-rw-r--r--nixos/machine/spt-omnia.nix10
-rw-r--r--nixos/machine/susan.nix26
14 files changed, 443 insertions, 0 deletions
diff --git a/nixos/machine/adm-mpd.nix b/nixos/machine/adm-mpd.nix
new file mode 100644
index 0000000..3e103e1
--- /dev/null
+++ b/nixos/machine/adm-mpd.nix
@@ -0,0 +1,23 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+{
+
+ config = {
+ fileSystems = {
+ "/" = {
+ device = "/dev/mmcblk0p2";
+ options = ["compress=lzo" "subvol=@nix"];
+ };
+ "/home" = {
+ device = "/dev/mmcblk0p2";
+ options = ["compress=lzo" "subvol=@home"];
+ };
+ "/boot" = {
+ device = "/dev/mmcblk0p1";
+ };
+ };
+ };
+
+}
diff --git a/nixos/machine/adm-omnia.nix b/nixos/machine/adm-omnia.nix
new file mode 100644
index 0000000..21bfeb6
--- /dev/null
+++ b/nixos/machine/adm-omnia.nix
@@ -0,0 +1,10 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+{
+
+ config = {
+ };
+
+}
diff --git a/nixos/machine/adm-omnia2.nix b/nixos/machine/adm-omnia2.nix
new file mode 100644
index 0000000..21bfeb6
--- /dev/null
+++ b/nixos/machine/adm-omnia2.nix
@@ -0,0 +1,10 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+{
+
+ config = {
+ };
+
+}
diff --git a/nixos/machine/albert.nix b/nixos/machine/albert.nix
new file mode 100644
index 0000000..0adad68
--- /dev/null
+++ b/nixos/machine/albert.nix
@@ -0,0 +1,31 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+{
+
+ config = {
+ cynerd.desktop.enable = true;
+
+ fileSystems = {
+ "/" = {
+ device = "/dev/disk/by-uuid/1c9bafac-fcf8-41c4-b394-bca5917ca82d";
+ options = ["compress=lzo" "subvol=@nix"];
+ };
+ "/home" = {
+ device = "/dev/disk/by-uuid/1c9bafac-fcf8-41c4-b394-bca5917ca82d";
+ options = ["compress=lzo" "subvol=@home"];
+ };
+ "/boot" = {
+ device = "/dev/disk/by-uuid/E403-124B";
+ };
+
+ "/home2" = {
+ device = "/dev/disk/by-uuid/55e177a1-215e-475b-ba9c-771b5fa3f8f0";
+ options = ["compress=lzo" "subvol=@home"];
+ };
+ };
+
+ };
+
+}
diff --git a/nixos/machine/binky.nix b/nixos/machine/binky.nix
new file mode 100644
index 0000000..849c719
--- /dev/null
+++ b/nixos/machine/binky.nix
@@ -0,0 +1,60 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+{
+
+ config = {
+ cynerd = {
+ desktop = {
+ enable = true;
+ laptop = true;
+ };
+ wifiClient = true;
+ develop = true;
+ };
+
+ boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "usb_storage" "sd_mod"];
+ boot.kernelModules = ["kvm-amd"];
+
+ boot.initrd.luks.devices = {
+ "encroot".device = "/dev/disk/by-uuid/b317feb5-d68d-4ec3-a24f-0307c116cac8";
+ };
+ fileSystems = {
+ "/" = {
+ device = "/dev/mapper/encroot";
+ fsType = "btrfs";
+ options = ["compress=lzo" "subvol=@"];
+ };
+ "/nix" = {
+ device = "/dev/mapper/encroot";
+ fsType = "btrfs";
+ options = ["compress=lzo" "subvol=@nix"];
+ };
+ "/home" = {
+ device = "/dev/mapper/encroot";
+ fsType = "btrfs";
+ options = ["compress=lzo" "subvol=@home"];
+ };
+ "/boot" = {
+ device = "/dev/disk/by-uuid/8F7D-A154";
+ fsType = "vfat";
+ };
+ };
+
+ services.syncthing = {
+ enable = true;
+ user = mkDefault "cynerd";
+ group = mkDefault "cynerd";
+ openDefaultPorts = true;
+
+ overrideDevices = false;
+ overrideFolders = false;
+
+ dataDir = "/home/cynerd";
+ configDir = "/home/cynerd/.config/syncthing";
+ };
+
+ };
+
+}
diff --git a/nixos/machine/default.nix b/nixos/machine/default.nix
new file mode 100644
index 0000000..bfd2594
--- /dev/null
+++ b/nixos/machine/default.nix
@@ -0,0 +1,17 @@
+{
+ machine-albert = import ./albert.nix;
+ machine-binky = import ./binky.nix;
+ machine-errol = import ./errol.nix;
+ machine-lipwig = import ./lipwig.nix;
+ machine-ridcully = import ./ridcully.nix;
+ machine-susan = import ./susan.nix;
+
+ machine-spt-omnia = import ./spt-omnia.nix;
+ machine-spt-mox = import ./spt-mox.nix;
+ machine-spt-mox2 = import ./spt-mox2.nix;
+ machine-spt-mpd = import ./spt-mpd.nix;
+
+ machine-adm-omnia = import ./adm-omnia.nix;
+ machine-adm-omnia2 = import ./adm-omnia2.nix;
+ machine-adm-mpd = import ./spt-mpd.nix;
+}
diff --git a/nixos/machine/errol.nix b/nixos/machine/errol.nix
new file mode 100644
index 0000000..707d8eb
--- /dev/null
+++ b/nixos/machine/errol.nix
@@ -0,0 +1,35 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+{
+
+ config = {
+ cynerd.desktop.enable = true;
+
+ fileSystems = {
+ "/" = {
+ device = "/dev/disk/by-uuid/b4b3dd52-29d0-4cb9-91c9-694dfcd9672c";
+ options = ["compress=lzo" "subvol=@nix"];
+ };
+ "/home" = {
+ device = "/dev/disk/by-uuid/b4b3dd52-29d0-4cb9-91c9-694dfcd9672c";
+ options = ["compress=lzo" "subvol=@home"];
+ };
+ "/boot" = {
+ device = "/dev/disk/by-uuid/87B0-A1D5";
+ };
+
+ "/home2" = {
+ device = "/dev/disk/by-uuid/259d078f-b3d9-4bcc-90cc-6a0d7271a03d";
+ options = ["compress=lzo" "subvol=@home"];
+ };
+ "/var/build" = {
+ device = "/dev/disk/by-uuid/259d078f-b3d9-4bcc-90cc-6a0d7271a03d";
+ options = ["compress=lzo" "subvol=@build" "uid=build" "gid=build"];
+ };
+ };
+
+ };
+
+}
diff --git a/nixos/machine/lipwig.nix b/nixos/machine/lipwig.nix
new file mode 100644
index 0000000..aa3d448
--- /dev/null
+++ b/nixos/machine/lipwig.nix
@@ -0,0 +1,58 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+{
+
+ config = {
+ boot.isContainer = true;
+ boot.loader.initScript.enable = true;
+
+ cynerd.openvpn.enable = true;
+
+ # Git ######################################################################
+ services.gitolite = {
+ enable = false;
+ user = "git";
+ group = "git";
+ dataDir = "/var/lib/git";
+ adminPubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIaMmBV0wPvG5JQIWxi20IDlLokhRBumTEbUUD9TNWoY Bootstrap gitolite key";
+ };
+ services.gitDaemon = {
+ enable = false;
+ user = "gitdemon";
+ group = "gitdaemon";
+ basePath = "/var/lib/git/repositories";
+ };
+
+ # CalDAV and CardDAV #######################################################
+ services.radicale = {
+ enable = true;
+ settings = {
+ server = {
+ hosts = [ "0.0.0.0:5232" "[::]:5232" ];
+ ssl = true;
+ certificate = "/run/secrets/radicale/radicale.crt";
+ key = "/run/secrets/radicale/radicale.key";
+ };
+ encoding = {
+ request = "utf-8";
+ stock = "utf-8";
+ };
+ auth = {
+ type = "htpasswd";
+ htpasswd_filename = "/run/secrets/radicale/users";
+ htpasswd_encryption = "bcrypt";
+ delay = 1;
+ };
+ storage = {
+ filesystem_folder = "/var/lib/radicale/";
+ };
+ web = {
+ type = "none";
+ };
+ };
+ };
+ };
+
+}
diff --git a/nixos/machine/ridcully.nix b/nixos/machine/ridcully.nix
new file mode 100644
index 0000000..882f967
--- /dev/null
+++ b/nixos/machine/ridcully.nix
@@ -0,0 +1,31 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+{
+
+ config = {
+ cynerd.desktop.enable = true;
+
+ fileSystems = {
+ "/" = {
+ device = "/dev/disk/by-uuid/3b3063aa-c284-4075-bb37-8820df12a2f5";
+ options = ["compress=lzo" "subvol=@nix"];
+ };
+ "/home" = {
+ device = "/dev/disk/by-uuid/3b3063aa-c284-4075-bb37-8820df12a2f5";
+ options = ["compress=lzo" "subvol=@home"];
+ };
+ "/boot" = {
+ device = "/dev/disk/by-uuid/C1A0-B7C9";
+ };
+
+ "/home2" = {
+ device = "/dev/disk/by-uuid/c9aa0b7b-7482-4d4a-bcc3-8bd6a853ae7f";
+ options = ["compress=lzo" "subvol=@home"];
+ };
+ };
+
+ };
+
+}
diff --git a/nixos/machine/spt-mox.nix b/nixos/machine/spt-mox.nix
new file mode 100644
index 0000000..eb304b2
--- /dev/null
+++ b/nixos/machine/spt-mox.nix
@@ -0,0 +1,31 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+{
+
+ config = {
+ networking = {
+ vlans = {
+ "eth0.2" = {
+ id = 2;
+ interface = "eth0";
+ };
+ };
+ bridges = {
+ brlan = {
+ interfaces = [
+ "eth0" "lan1" "lan2" "lan3" "lan4"
+ ];
+ };
+ brguest = {
+ interfaces = [
+ "eth0.2"
+ ];
+ };
+ };
+ dhcpcd.allowInterfaces = [ "brlan" ];
+ };
+ };
+
+}
diff --git a/nixos/machine/spt-mox2.nix b/nixos/machine/spt-mox2.nix
new file mode 100644
index 0000000..ed6a028
--- /dev/null
+++ b/nixos/machine/spt-mox2.nix
@@ -0,0 +1,78 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+{
+
+ config = {
+
+ #boot.kernelPatches = [{
+ # name = "rwtm";
+ # patch = null;
+ # extraConfig = ''
+ # TURRIS_MOX_RWTM y
+ # ARMADA_37XX_RWTM_MBOX y
+ # '';
+ #}];
+
+ networking.hostapd = {
+ "mlan0" = {
+ countryCode = "CZ";
+ ssid = "TurrisRules";
+ wpa = true;
+ wpaPskFile = "/run/secrets/wifi/TurrisRules.psk";
+ };
+ "wlp1s0" = {
+ countryCode = "CZ";
+ hwMode = "a";
+ channel = 36;
+ ieee80211ac = true;
+ ht_capab = ["HT40+" "LDPC" "SHORT-GI-20" "SHORT-GI-40" "TX-STBC" "RX-STBC1" "MAX-AMSDU-7935" "DSSS_CCK-40"];
+ vht_capab = ["RXLDPC" "SHORT-GI-80" "TX-STBC-2BY1" "RX-ANTENNA-PATTERN" "TX-ANTENNA-PATTERN" "RX-STBC-1" "MAX-MPDU-11454" "MAX-A-MPDU-LEN-EXP7"];
+ ssid = "TurrisRules5";
+ wpa = true;
+ wpaPskFile = "/run/secrets/wifi/TurrisRules5.psk";
+ bss = {
+ "wlp1s0host" = {
+ ssid = "NixTurris5Guest";
+ wpa = true;
+ wpaPassphrase = "somepassword";
+ };
+ };
+ };
+ };
+
+ networking = {
+ vlans = {
+ "eth0.2" = {
+ id = 2;
+ interface = "eth0";
+ };
+ };
+ bridges = {
+ brlan = {
+ interfaces = [
+ "eth0" #"mlan0" "wlp1s0"
+ ];
+ };
+ brguest = {
+ interfaces = [
+ "eth0.2" #"mlan0host" "wlp1s0host"
+ ];
+ };
+ };
+ interfaces.brlan = {
+ ipv4 = {
+ addresses = [{
+ address = config.cynerd.hosts.spt.mox2;
+ prefixLength = 24;
+ }];
+ };
+ };
+ defaultGateway = config.cynerd.hosts.spt.omnia;
+ nameservers = [ config.cynerd.hosts.spt.omnia "1.1.1.1" "8.8.8.8" ];
+ dhcpcd.allowInterfaces = [ "brlan" ];
+ };
+ };
+
+}
diff --git a/nixos/machine/spt-mpd.nix b/nixos/machine/spt-mpd.nix
new file mode 100644
index 0000000..3e103e1
--- /dev/null
+++ b/nixos/machine/spt-mpd.nix
@@ -0,0 +1,23 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+{
+
+ config = {
+ fileSystems = {
+ "/" = {
+ device = "/dev/mmcblk0p2";
+ options = ["compress=lzo" "subvol=@nix"];
+ };
+ "/home" = {
+ device = "/dev/mmcblk0p2";
+ options = ["compress=lzo" "subvol=@home"];
+ };
+ "/boot" = {
+ device = "/dev/mmcblk0p1";
+ };
+ };
+ };
+
+}
diff --git a/nixos/machine/spt-omnia.nix b/nixos/machine/spt-omnia.nix
new file mode 100644
index 0000000..21bfeb6
--- /dev/null
+++ b/nixos/machine/spt-omnia.nix
@@ -0,0 +1,10 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+{
+
+ config = {
+ };
+
+}
diff --git a/nixos/machine/susan.nix b/nixos/machine/susan.nix
new file mode 100644
index 0000000..b452ed9
--- /dev/null
+++ b/nixos/machine/susan.nix
@@ -0,0 +1,26 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+{
+
+ config = {
+ cynerd.desktop.enable = true;
+
+ fileSystems = {
+ "/" = {
+ device = "/dev/disk/by-uuid/e092a3ad-fb32-44fa-bc1f-14c2733da033";
+ options = ["compress=lzo" "subvol=@nix"];
+ };
+ "/home" = {
+ device = "/dev/disk/by-uuid/e092a3ad-fb32-44fa-bc1f-14c2733da033";
+ options = ["compress=lzo" "subvol=@home"];
+ };
+ "/boot" = {
+ device = "/dev/disk/by-uuid/EB3E-3635";
+ };
+ };
+
+ };
+
+}
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-01 16:35:02 +0000